CVE-2022-29700
First published: Wed Apr 27 2022(Updated: )
A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zammad Zammad | =5.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2022-29700.
What is the severity of CVE-2022-29700?
The severity of CVE-2022-29700 is high with a CVSS score of 7.5.
What is the affected software?
The affected software is Zammad version 5.1.0.
What is the impact of this vulnerability?
This vulnerability allows for the creation of extremely long passwords and can lead to a Denial of Service (DoS) during password verification.
Is there a fix available for CVE-2022-29700?
Yes, please refer to the advisory link for instructions on how to fix CVE-2022-29700: https://zammad.com/en/advisories/zaa-2022-03.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/zammad
- canonical/zammad zammad
- version/zammad zammad/5.1.0